def post(self, request, lib_key_str): """ Add a user to this content library via email, with permissions specified in the request body. """ key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) serializer = ContentLibraryAddPermissionByEmailSerializer(data=request.data) serializer.is_valid(raise_exception=True) try: user = User.objects.get(email=serializer.validated_data.get('email')) except User.DoesNotExist: raise ValidationError({'email': _('We could not find a user with that email address.')}) grant = api.get_library_user_permissions(key, user) if grant: return Response( {'email': [_('This user already has access to this library.')]}, status=status.HTTP_400_BAD_REQUEST, ) try: api.set_library_user_permissions(key, user, access_level=serializer.validated_data["access_level"]) except api.LibraryPermissionIntegrityError as err: raise ValidationError(detail=str(err)) grant = api.get_library_user_permissions(key, user) return Response(ContentLibraryPermissionSerializer(grant).data)
def get(self, request, lib_key_str, username): """ Gets the current permissions settings for a particular user. """ key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_VIEW_THIS_CONTENT_LIBRARY_TEAM) user = get_object_or_404(User, username=username) grant = api.get_library_user_permissions(key, user) if not grant: raise NotFound return Response(ContentLibraryPermissionSerializer(grant).data)
def put(self, request, lib_key_str, username): """ Add a user to this content library, with permissions specified in the request body. """ key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) serializer = ContentLibraryPermissionLevelSerializer(data=request.data) serializer.is_valid(raise_exception=True) user = get_object_or_404(User, username=username) try: api.set_library_user_permissions(key, user, access_level=serializer.validated_data["access_level"]) except api.LibraryPermissionIntegrityError as err: raise ValidationError(detail=str(err)) grant = api.get_library_user_permissions(key, user) return Response(ContentLibraryPermissionSerializer(grant).data)
def _authenticate_and_login(self, usage_key): """ Authenticate and authorize the user for this LTI message launch. We automatically create LTI profile for every valid launch, and authenticate the LTI user associated with it. """ # Check library authorization. if not ContentLibrary.authorize_lti_launch( usage_key.lib_key, issuer=self.launch_data['iss'], client_id=self.launch_data['aud'] ): return None # Check LTI profile. LtiProfile.objects.get_or_create_from_claims( iss=self.launch_data['iss'], aud=self.launch_data['aud'], sub=self.launch_data['sub']) edx_user = authenticate( self.request, iss=self.launch_data['iss'], aud=self.launch_data['aud'], sub=self.launch_data['sub']) if edx_user is not None: login(self.request, edx_user) perms = api.get_library_user_permissions( usage_key.lib_key, self.request.user) if not perms: api.set_library_user_permissions( usage_key.lib_key, self.request.user, api.AccessLevel.ADMIN_LEVEL) return edx_user